漏洞 - 第936页-OStack程序员社区-中国程序员成长平台

OStack程序员社区-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2020-15260

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In version 2.10 and earlier, PJ ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：56 | 回复：0
CVE漏洞

CVE-2021-21371

Tenable for Jira Cloud is an open source project designed to pull Tenable.io vulnerability data, then generate Jira Tasks and sub-tasks based on the vulnerabilities' current state. It published in ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：54 | 回复：0
CVE漏洞

CVE-2021-21334

In containerd (an industry-standard container runtime) before versions 1.3.10 and 1.4.4, containers launched through containerd's CRI implementation (through Kubernetes, crictl, or any other pod/c ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：75 | 回复：0
CVE漏洞

CVE-2021-21265

October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October before version 1.1.2, when running on poorly configured servers (i.e. the server routes any requ ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：66 | 回复：0
CVE漏洞

CVE-2020-35233

The TFTP server fails to handle multiple connections on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices, and allows external attackers to force device reboots by sending concurrent connections, aka a deni ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：71 | 回复：0
CVE漏洞

CVE-2020-35232

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-35782. Reason: This candidate is a reservation duplicate of CVE-2020-35782. Notes: All CVE users should reference CVE-2020-35782 ins ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：60 | 回复：0
CVE漏洞

CVE-2020-35231

The NSDP protocol implementation on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices was affected by an authentication issue that allows an attacker to bypass access controls and obtain full control of the ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：92 | 回复：0
CVE漏洞

CVE-2020-35230

Multiple integer overflow parameters were found in the web administration panel on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices. Most of the integer parameters sent through the web server can be abused ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：97 | 回复：0
CVE漏洞

CVE-2020-35229

The authentication token required to execute NSDP write requests on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices is not properly invalidated and can be reused until a new token is generated, which allo ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：76 | 回复：0
CVE漏洞

CVE-2020-35228

A cross-site scripting (XSS) vulnerability in the administration web panel on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices allows remote attackers to inject arbitrary web script or HTML via the languag ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：62 | 回复：0
CVE漏洞

CVE-2020-35227

A buffer overflow vulnerability in the access control section on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices (in the administration web panel) allows an attacker to inject IP addresses into the whitel ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：53 | 回复：0
CVE漏洞

CVE-2020-35226

NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices allow unauthenticated users to modify the switch DHCP configuration by sending the corresponding write request command.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：60 | 回复：0
CVE漏洞

CVE-2021-3034

An information exposure through log file vulnerability exists in Cortex XSOAR software where the secrets configured for the SAML single sign-on (SSO) integration can be logged to the '/var/log/dem ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：53 | 回复：0
CVE漏洞

CVE-2020-35225

The NSDP protocol implementation on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices was not properly validating the length of string parameters sent in write requests, potentially allowing denial of servi ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：63 | 回复：0
CVE漏洞

CVE-2020-35224

A buffer overflow vulnerability in the NSDP protocol authentication method on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices allows remote unauthenticated attackers to force a device reboot.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：89 | 回复：0
CVE漏洞

CVE-2020-35223

The CSRF protection mechanism implemented in the web administration panel on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices could be bypassed by omitting the CSRF token parameter in HTTP requests.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：55 | 回复：0
CVE漏洞

CVE-2020-35222

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-35783. Reason: This candidate is a reservation duplicate of CVE-2020-35783. Notes: All CVE users should reference CVE-2020-35783 ins ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：81 | 回复：0
CVE漏洞

CVE-2020-35221

The hashing algorithm implemented for NSDP password authentication on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices was found to be insecure, allowing attackers (with access to a network capture) to qui ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：61 | 回复：0
CVE漏洞

CVE-2020-35220

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-35801. Reason: This candidate is a reservation duplicate of CVE-2020-35801. Notes: All CVE users should reference CVE-2020-35801 ins ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：57 | 回复：0
CVE漏洞

CVE-2020-27632

In SIMATIC MV400 family versions prior to v7.0.6, the ISN generator is initialized with a constant value and has constant increments. An attacker could predict and hijack TCP sessions.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：64 | 回复：0
CVE漏洞

CVE-2020-19419

Incorrect Access Control in Emerson Smart Wireless Gateway 1420 4.6.59 allows remote attackers to obtain sensitive device information from the administrator console without authentication.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：104 | 回复：0
CVE漏洞

CVE-2020-19417

Emerson Smart Wireless Gateway 1420 4.6.59 allows non-privileged users (such as the default account 'maint') to perform administrative tasks by sending specially crafted HTTP requests to the a ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：74 | 回复：0
CVE漏洞

CVE-2021-21772

A use-after-free vulnerability exists in the NMR::COpcPackageReader::releaseZIP() functionality of 3MF Consortium lib3mf 2.0.0. A specially crafted 3MF file can lead to code execution. An attacker can ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：67 | 回复：0
CVE漏洞

CVE-2021-20205

Libjpeg-turbo versions 2.0.91 and 2.0.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted GIF image.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：52 | 回复：0
CVE漏洞

CVE-2021-0465

In GenerateFaceMask of face.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges neede ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：50 | 回复：0
CVE漏洞

CVE-2021-0464

In sound_trigger_event_alloc of platform.h, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privile ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：55 | 回复：0
CVE漏洞

CVE-2021-0463

In convertToHidl of convert.cpp, there is a possible out of bounds read due to uninitialized data from ReturnFrameworkMessage. This could lead to local information disclosure with no additional execut ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：56 | 回复：0
CVE漏洞

CVE-2021-0462

In the NXP NFC firmware, there is a possible insecure firmware update due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction i ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：46 | 回复：0
CVE漏洞

CVE-2021-0461

In iaxxx_core_sensor_change_state of iaxxx-module.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privi ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：52 | 回复：0
CVE漏洞

CVE-2021-0460

In the FingerTipS touch screen driver, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：41 | 回复：0
CVE漏洞

CVE-2021-0459

In fts_driver_test_write of fts_proc.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. U ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：64 | 回复：0
CVE漏洞

CVE-2021-0458

In the FingerTipS touch screen driver, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：50 | 回复：0
CVE漏洞

CVE-2021-0457

In the FingerTipS touch screen driver, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：79 | 回复：0
CVE漏洞

CVE-2021-0456

In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User inte ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：73 | 回复：0
CVE漏洞

CVE-2021-0455

In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User inte ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：70 | 回复：0
CVE漏洞

CVE-2021-0454

In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User inte ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：84 | 回复：0
CVE漏洞

CVE-2021-0453

In the Titan-M chip firmware, there is a possible disclosure of stack memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User in ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：73 | 回复：0
CVE漏洞

CVE-2021-0452

In the Titan M chip firmware, there is a possible disclosure of stack memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User in ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：70 | 回复：0
CVE漏洞

CVE-2021-0451

In the Titan M chip firmware, there is a possible disclosure of stack memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User in ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：71 | 回复：0
CVE漏洞

CVE-2021-0450

In the Titan M chip firmware, there is a possible disclosure of stack memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User in ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：57 | 回复：0